summaryrefslogtreecommitdiffstats
path: root/src/cephadm
diff options
context:
space:
mode:
authorGuillaume Abrioux <gabrioux@ibm.com>2024-08-08 21:12:38 +0200
committerGitHub <noreply@github.com>2024-08-08 21:12:38 +0200
commit1924efd8db7d17cac43ddcffb902dc72e3f0f510 (patch)
treeaab73ae7a65fbf4148b7f97871efbe6f940bfb41 /src/cephadm
parentMerge PR #58861 into main (diff)
parentqa/cephadm: use cephadm ceph-volume directly to zap devs (diff)
downloadceph-1924efd8db7d17cac43ddcffb902dc72e3f0f510.tar.xz
ceph-1924efd8db7d17cac43ddcffb902dc72e3f0f510.zip
Merge pull request #57037 from adk3798/cephadm-limit-shell-mounts
cephadm: limit mounts for shell and ceph-volume commands
Diffstat (limited to 'src/cephadm')
-rwxr-xr-xsrc/cephadm/cephadm.py4
-rw-r--r--src/cephadm/cephadmlib/daemons/ceph.py21
-rw-r--r--src/cephadm/tests/test_cephadm.py1
3 files changed, 20 insertions, 6 deletions
diff --git a/src/cephadm/cephadm.py b/src/cephadm/cephadm.py
index fc99d9c17a5..7450d0945ed 100755
--- a/src/cephadm/cephadm.py
+++ b/src/cephadm/cephadm.py
@@ -3172,7 +3172,7 @@ def command_shell(ctx):
daemon_type = ctx.name
daemon_id = None
else:
- daemon_type = 'osd' # get the most mounts
+ daemon_type = 'shell' # get limited set of mounts
daemon_id = None
if ctx.fsid and daemon_type in ceph_daemons():
@@ -3310,7 +3310,7 @@ def command_ceph_volume(ctx):
lock.acquire()
(uid, gid) = (0, 0) # ceph-volume runs as root
- mounts = get_container_mounts_for_type(ctx, ctx.fsid, 'osd')
+ mounts = get_container_mounts_for_type(ctx, ctx.fsid, 'ceph-volume')
tmp_config = None
tmp_keyring = None
diff --git a/src/cephadm/cephadmlib/daemons/ceph.py b/src/cephadm/cephadmlib/daemons/ceph.py
index efb013c7e09..cf26e017164 100644
--- a/src/cephadm/cephadmlib/daemons/ceph.py
+++ b/src/cephadm/cephadmlib/daemons/ceph.py
@@ -424,12 +424,17 @@ def get_ceph_mounts_for_type(
"""
mounts = dict()
- if daemon_type in ceph_daemons():
+ if daemon_type in ceph_daemons() or daemon_type in [
+ 'ceph-volume',
+ 'shell',
+ ]:
if fsid:
run_path = os.path.join('/var/run/ceph', fsid)
if os.path.exists(run_path):
mounts[run_path] = '/var/run/ceph:z'
log_dir = os.path.join(ctx.log_dir, fsid)
+ if not os.path.exists(log_dir):
+ os.mkdir(log_dir)
mounts[log_dir] = '/var/log/ceph:z'
crash_dir = '/var/lib/ceph/%s/crash' % fsid
if os.path.exists(crash_dir):
@@ -438,14 +443,19 @@ def get_ceph_mounts_for_type(
journald_sock_dir = '/run/systemd/journal'
mounts[journald_sock_dir] = journald_sock_dir
- if daemon_type in ['mon', 'osd', 'clusterless-ceph-volume']:
+ if daemon_type in [
+ 'mon',
+ 'osd',
+ 'ceph-volume',
+ 'clusterless-ceph-volume',
+ ]:
mounts['/dev'] = '/dev' # FIXME: narrow this down?
mounts['/run/udev'] = '/run/udev'
- if daemon_type in ['osd', 'clusterless-ceph-volume']:
+ if daemon_type in ['osd', 'ceph-volume', 'clusterless-ceph-volume']:
mounts['/sys'] = '/sys' # for numa.cc, pick_address, cgroups, ...
mounts['/run/lvm'] = '/run/lvm'
mounts['/run/lock/lvm'] = '/run/lock/lvm'
- if daemon_type == 'osd':
+ if daemon_type in ['osd', 'ceph-volume']:
# selinux-policy in the container may not match the host.
if HostFacts(ctx).selinux_enabled:
cluster_dir = f'{ctx.data_dir}/{fsid}'
@@ -458,7 +468,10 @@ def get_ceph_mounts_for_type(
logger.error(
f'Cluster direcotry {cluster_dir} does not exist.'
)
+ if daemon_type == 'osd':
mounts['/'] = '/rootfs'
+ elif daemon_type == 'ceph-volume':
+ mounts['/'] = '/rootfs:rslave'
try:
if (
diff --git a/src/cephadm/tests/test_cephadm.py b/src/cephadm/tests/test_cephadm.py
index 9e0345fe758..928982de70b 100644
--- a/src/cephadm/tests/test_cephadm.py
+++ b/src/cephadm/tests/test_cephadm.py
@@ -380,6 +380,7 @@ class TestCephAdm(object):
_deploy_daemon = funkypatch.patch('cephadm.deploy_daemon')
funkypatch.patch('cephadm.make_var_run')
funkypatch.patch('cephadmlib.file_utils.make_run_dir')
+ funkypatch.patch('os.mkdir')
_migrate_sysctl = funkypatch.patch('cephadm.migrate_sysctl_dir')
funkypatch.patch(
'cephadm.check_unit',